When host name lookups are performed, two configuration files are consulted to determine where to get the information from. The first is /etc/nsswitch.conf (the "name service switch" file). This file tells the resolver (the lookup routine in the C library) which data sources to consult, and in what order. It is used to configure several types of lookup, including user name, group and host name lookups. In this topic we are concerned only with host name lookups.

All that the nsswitch file really does is tell the resolver which library to call to do the work. There is a simple mapping between the source keywords in the file and the library names: each keyword corresponds to a shared library called libnss_<keyword>.so.2, so a keyword for which no such library is installed simply counts as an unavailable source. For example, given this line in nsswitch.conf:

hosts: dns nis files

the resolver will try libnss_dns, libnss_nis and libnss_files, in that order, stopping at the first one that finds the name.

Additional notations in the file control what action to take depending on the result a source returns. Each source reports one of four statuses: success, notfound (the source answered, but does not know the name), unavail (the source could not be used, for example because no DNS server answered) and tryagain (a temporary failure). By default the resolver returns on success and continues to the next source on any of the other three. A [STATUS=ACTION] entry placed after a source overrides the default for that source. For example, this entry:

hosts: dns [NOTFOUND=return] files

tells the resolver to consult DNS first. If the resolver was able to perform a DNS lookup but DNS did not find the name, the resolver immediately returns failure instead of going on to the next source. The local file (/etc/hosts) is only consulted in the event that DNS cannot be contacted at all (the unavail and tryagain cases, which still continue by default).

Common "database" names in nsswitch.conf

Keyword     Description
passwd      user names
group       group names
hosts       host names
networks    network names

Common information sources in nsswitch.conf

Keyword     Description
files       flat files, generally in /etc
nis         a map from a NIS server
dns         a DNS server
ldap        an LDAP server

Sample /etc/nsswitch.conf

hosts: files dns

networks: files nis ldap
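The following is an added example, not code from the original page or from glibc: a small Python model of the walk the name service switch performs over the sources on a hosts: line, covering the [STATUS=ACTION] modifiers described above and the keyword-to-library mapping. The "DNS" and "/etc/hosts" sources are stand-in functions; every name and address in them is made up (private and documentation ranges), and the negated form [!STATUS=ACTION] is supported as nsswitch.conf(5) describes it.

```python
"""Toy model of the glibc name service switch for 'hosts:' lookups.
Added example; the sources below are stand-ins, not real NSS modules."""
import re

# The four statuses an NSS module can report, and the action the switch
# takes by default for each one (see nsswitch.conf(5)).
SUCCESS, NOTFOUND, UNAVAIL, TRYAGAIN = "SUCCESS", "NOTFOUND", "UNAVAIL", "TRYAGAIN"
DEFAULT_ACTIONS = {SUCCESS: "return", NOTFOUND: "continue",
                   UNAVAIL: "continue", TRYAGAIN: "continue"}

# Either a bracketed modifier block or a bare source keyword.
_TOKEN = re.compile(r"\[([^\]]*)\]|(\S+)")


def module_for(source):
    """Shared object glibc loads for a keyword, e.g. 'dns' -> libnss_dns.so.2."""
    return f"libnss_{source}.so.2"


def parse_hosts_line(line):
    """'hosts: dns [NOTFOUND=return] files' ->
    [('dns', {status: action, ...}), ('files', {status: action, ...})]"""
    _, _, rest = line.split("#", 1)[0].partition(":")
    entries = []
    for m in _TOKEN.finditer(rest):
        if m.group(2) is not None:                      # a source keyword
            entries.append((m.group(2).lower(), dict(DEFAULT_ACTIONS)))
            continue
        if not entries:
            raise ValueError("[...] modifier before any source")
        actions = entries[-1][1]                        # applies to the preceding source
        for item in m.group(1).split():                 # one or more STATUS=ACTION pairs
            negate = item.startswith("!")               # '!' = every status except this one
            status, _, action = item.lstrip("!").partition("=")
            status, action = status.upper(), action.lower()
            if status not in actions or action not in ("return", "continue"):
                raise ValueError(f"bad modifier {item!r}")
            for s in actions:
                if (s == status) != negate:
                    actions[s] = action
    return entries


def lookup(entries, name, sources):
    """Walk the sources in order.  `sources` maps a keyword to a callable
    returning (status, address); a keyword with no module counts as UNAVAIL.
    Returns (status, address, source consulted last)."""
    status, address, used = UNAVAIL, None, None
    for source, actions in entries:
        fn = sources.get(source)
        status, address = fn(name) if fn else (UNAVAIL, None)
        used = source
        if actions[status] == "return":
            break
    return status, address, used


# Constructed stand-ins: a DNS server that knows one zone, one that is
# unreachable, and a local /etc/hosts that knows the office printer.
_DNS_ZONE = {"neptune.example.com": "192.0.2.10"}
_ETC_HOSTS = {"printer": "192.168.1.20", "neptune.example.com": "192.168.1.10"}


def dns_up(name):
    return (SUCCESS, _DNS_ZONE[name]) if name in _DNS_ZONE else (NOTFOUND, None)


def dns_down(name):
    return (UNAVAIL, None)


def files(name):
    return (SUCCESS, _ETC_HOSTS[name]) if name in _ETC_HOSTS else (NOTFOUND, None)


if __name__ == "__main__":
    plain = parse_hosts_line("hosts: dns files")
    strict = parse_hosts_line("hosts: dns [NOTFOUND=return] files")
    print(lookup(plain, "printer", {"dns": dns_up, "files": files}))     # falls through to files
    print(lookup(strict, "printer", {"dns": dns_up, "files": files}))    # stops at DNS's NOTFOUND
    print(lookup(strict, "printer", {"dns": dns_down, "files": files}))  # DNS unreachable, files used
```

The three calls at the end show the difference the modifier makes: with the plain line the printer is found in /etc/hosts after DNS says "not found"; with [NOTFOUND=return] the same negative answer ends the lookup and the file is never read; only when DNS is unreachable does the strict line fall through to the file.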

In the case that DNS is being used for name resolution, a second file, /etc/resolv.conf, is consulted. This specifies the IP addresses of one or more DNS servers, ideally two or three: the glibc resolver uses at most three nameserver entries and silently ignores any further ones.

Sample /etc/resolv.conf

search example.com

nameserver 192.168.1.254

nameserver 24.215.7.126

options timeout:2

Here, two name servers are specified. The first is, presumably, on the local network (since it's a private IP address). In the case of networks that connect through a broadband modem/router to an ISP, the router itself is probably providing a caching DNS service. The second is used only if the first fails to answer within the timeout (or answers with a server failure); a negative answer from the first server, such as "no such name", is final and the second server is not asked. It might be a name server maintained by your ISP, or any other DNS server you trust. Trust is the operative word: whoever runs the servers listed here decides what every name on the machine resolves to, so list only servers you control or have good reason to rely on, and keep the file writable by root only. Note also that on many systems resolv.conf is generated automatically (by the DHCP client, NetworkManager or systemd-resolved); hand edits are then overwritten, and the change has to be made in that tool's own configuration instead.

The search directive specifies one or more domains to be appended to names that are not fully qualified. For example, if the resolver is looking up a simple name like "neptune" it will append the search domain, so in this example it looks up neptune.example.com; a name written with a trailing dot is taken as absolute and left alone. (Older files use the domain directive with a single domain; search and domain are alternatives, and the last one in the file wins.) Because the suffix is added silently, a mistyped or unqualified name may resolve in a domain the user never intended, so keep the search list short and limited to domains you control.

The options directive is not often used. It configures specific resolver settings. The example shown sets the amount of time (in seconds) the resolver waits for a response from a name server before trying the next one; the default is 5 seconds. Others include attempts:n, the number of times the resolver goes through the whole server list before giving up (default 2), and ndots:n, the number of dots a name must contain before it is tried as typed ahead of the search list (default 1). For the full set, see the man page resolv.conf(5).
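The following is an added example, not code from the original page or from the glibc resolver: a parser for the resolv.conf directives discussed above and the rule the stub resolver applies when it combines a name with the search list and the ndots option. The file content is constructed for the example (it reuses the two addresses from the text and adds a second search domain and ndots:2 so that both orderings can be seen); the three-server limit is glibc's.

```python
"""Parse resolv.conf and show how the search list and ndots are applied.
Added example; the file below is constructed, not taken from a real host."""

MAXNS = 3  # glibc's stub resolver keeps only the first three nameserver lines

SAMPLE_RESOLV_CONF = """\
# constructed for this example
search example.com corp.example.com
nameserver 192.168.1.254
nameserver 24.215.7.126
options timeout:2 ndots:2
"""


def parse_resolv_conf(text):
    """Return {'nameservers': [...], 'search': [...], 'options': {...}}."""
    conf = {"nameservers": [], "search": [], "options": {}}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()  # '#' and ';' start comments
        if not line:
            continue
        keyword, _, rest = line.partition(" ")
        args = rest.split()
        if keyword == "nameserver" and args:
            if len(conf["nameservers"]) < MAXNS:      # extra servers are silently ignored
                conf["nameservers"].append(args[0])
        elif keyword in ("search", "domain") and args:
            conf["search"] = args                     # the last search/domain line wins
        elif keyword == "options":
            for opt in args:
                name, _, value = opt.partition(":")   # 'timeout:2' -> ('timeout', 2)
                conf["options"][name] = int(value) if value.isdigit() else True
    return conf


def query_candidates(name, conf):
    """Names the resolver will try, in order, for a user-supplied name.

    A trailing dot makes the name absolute and bypasses the search list.
    Otherwise a name with fewer than 'ndots' dots (default 1) is tried with
    each search domain appended first and as typed last; a name with 'ndots'
    or more dots is tried as typed first, then with the search domains."""
    if name.endswith("."):
        return [name]
    ndots = conf["options"].get("ndots", 1)
    with_suffix = [f"{name}.{domain}" for domain in conf["search"]]
    if name.count(".") >= ndots:
        return [name] + with_suffix
    return with_suffix + [name]


if __name__ == "__main__":
    conf = parse_resolv_conf(SAMPLE_RESOLV_CONF)
    print(conf)
    for n in ("neptune", "ftp.example", "www.lpi.org", "neptune."):
        print(f"{n:14} -> {query_candidates(n, conf)}")
```

Running it shows the security-relevant side of the search list: with ndots:2 the one-dot name ftp.example is first looked up as ftp.example.example.com, a name the user never typed, and only reaches the Internet as typed after both search domains have failed. It also shows that a fourth nameserver line would be parsed but never used.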

The figure below shows a fragment of the DNS name-space for machines in the Computer Science department at Sheffield University, an academic institution in the UK:

Names in DNS are written "little endian", that is, starting from the leaf at the bottom of the tree and working up towards the root. An example from the figure above is zaphod.cs.sheffield.ac.uk. Such a name, spelled out all the way to the top-level domain, is known as a fully qualified domain name (FQDN). Written with a trailing dot (zaphod.cs.sheffield.ac.uk.) it explicitly includes the root and is never extended with the resolver's search list.

DNS servers hold several types of record. These include:

Record types in DNS

Record type   Description
A             Maps a host name onto an IPv4 address. These are the most commonly used records in DNS.
AAAA          Maps a host name onto an IPv6 address.
MX            Mail exchanger records name the mail server(s) for a domain, each with a preference value (the lowest-numbered is tried first). For example the MX record for lpi.org tells us where to send mail for the user jim@lpi.org.
PTR           Maps an IP address back to a host name, supporting "reverse DNS lookups". A separate name-space, under in-addr.arpa (and ip6.arpa for IPv6), exists to hold these records.
NS            Name server records list the authoritative name servers for a domain, that is, the servers that hold its zone data. For example the NS records for lpi.org tell us which servers to ask for an authoritative answer about www.lpi.org.
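The following is an added example, not code from the original page: it builds the owner name of a PTR record from an address and parses such a name back into an address, and it also derives the reverse zone that holds the PTR records for a whole network. It goes beyond the table above by covering IPv6, whose reverse tree is ip6.arpa, alongside in-addr.arpa. The addresses used are private and documentation ranges, not real hosts; the helper names are this example's own.

```python
"""Reverse-mapping names for IPv4 (in-addr.arpa) and IPv6 (ip6.arpa).
Added example; addresses are from private/documentation ranges."""
import ipaddress


def ptr_name(address):
    """'192.168.1.254' -> '254.1.168.192.in-addr.arpa'.
    IPv6 addresses are expanded to 32 hex nibbles, reversed, under ip6.arpa."""
    ip = ipaddress.ip_address(address)
    if ip.version == 4:
        octets = str(ip).split(".")
        return ".".join(reversed(octets)) + ".in-addr.arpa"
    nibbles = ip.exploded.replace(":", "")          # 32 zero-padded hex digits
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def address_from_ptr(name):
    """Inverse of ptr_name; raises ValueError for a malformed owner name."""
    labels = name.rstrip(".").lower().split(".")
    if labels[-2:] == ["in-addr", "arpa"] and len(labels) == 6:
        # IPv4Address rejects octets outside 0-255 and non-numeric labels
        return str(ipaddress.IPv4Address(".".join(reversed(labels[:4]))))
    if labels[-2:] == ["ip6", "arpa"] and len(labels) == 34:
        if any(len(label) != 1 for label in labels[:32]):
            raise ValueError(f"ip6.arpa labels must be single hex digits: {name!r}")
        nibbles = "".join(reversed(labels[:32]))
        groups = [nibbles[i:i + 4] for i in range(0, 32, 4)]
        return str(ipaddress.IPv6Address(":".join(groups)))  # canonical, compressed form
    raise ValueError(f"not a reverse-mapping name: {name!r}")


def reverse_zone(network):
    """Zone holding the PTR records for a network, e.g.
    '192.168.1.0/24' -> '1.168.192.in-addr.arpa'.  Only prefixes on an octet
    (IPv4) or nibble (IPv6) boundary map to a single zone; anything else
    needs classless delegation (RFC 2317), which this helper refuses."""
    net = ipaddress.ip_network(network, strict=True)
    unit = 8 if net.version == 4 else 4
    if net.prefixlen % unit:
        raise ValueError(f"{network}: prefix not on an octet/nibble boundary")
    keep = net.prefixlen // unit                    # labels that identify the network
    total = 4 if net.version == 4 else 32
    labels = ptr_name(str(net.network_address)).split(".")
    return ".".join(labels[total - keep:])


def matches_stdlib(address):
    """Cross-check ptr_name against the standard library's reverse_pointer."""
    return ptr_name(address) == ipaddress.ip_address(address).reverse_pointer


if __name__ == "__main__":
    for a in ("192.168.1.254", "2001:db8::1"):
        n = ptr_name(a)
        print(a, "->", n, "->", address_from_ptr(n))
    print(reverse_zone("192.168.1.0/24"), reverse_zone("2001:db8::/32"))
```

The round trip matters in practice because reverse and forward data are maintained separately: a PTR that does not map back to an A or AAAA record pointing at the same address (a failed "forward-confirmed" check) is a common misconfiguration and a frequent reason mail from a host is rejected.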

The primary or master DNS server for a domain is the one that is ultimately responsible (authoritative) for queries about records in that domain. On these servers, zone files (plain text files) contain the definitions of the records for that domain. These zone files are the raw materials of DNS.

Secondary (or slave; current documentation prefers "secondary") DNS servers share the load with the primary and avoid a single point of failure in case the primary goes down. Secondary servers hold copies of the zone data, obtained by synchronising with the primary. This synchronisation is called a zone transfer (an AXFR query for the whole zone, or IXFR for the changes since a given serial). Because a transfer hands over every record in the zone, it should be permitted only from the addresses of your own secondaries: a server that answers AXFR for anyone gives away a complete inventory of the domain's hosts, and asking for one is a standard reconnaissance check. Most server software can restrict transfers by source address (allow-transfer in BIND) and can authenticate them with a shared TSIG key.

Caching DNS servers do not hold their own zone files. They answer queries on behalf of their clients, either resolving them recursively or forwarding them to another server, and retain (cache) the results they receive so that if a query is repeated it can be answered rapidly from the local cache. Caching DNS servers are easy to set up and even if you run only a small corporate network it is probably worth setting up one to service it. Two cautions apply. Restrict recursion to your own clients: an "open resolver" reachable from the Internet will be abused for amplification attacks and attracts cache-poisoning attempts. And remember that a cached answer is kept for the record's TTL, so a change made on the primary may still be served stale by the cache for that long.

The following is a partial list of the used files, terms and utilities: